Got Yahoo Messenger? Hit refresh.
Yahoo on Thursday issued a patch for a highly critical security flaw, just a week after it issued another Yahoo IM security update.
In this latest case, a security flaw was discovered in the ActiveX control, which is part of the Yahoo services suite that is typically downloaded with the Yahoo Messenger installer. The vulnerability could be exploited if a user visits a malicious Web site, which in turn could lead to a buffer overflow attack and launch of arbitrary executable code.
Not a good thing.
Yahoo is calling on users to update to version 220.127.116.119. That would apply to any user running a version older than Wednesday.
On the bright side, Yahoo says it knows of no exploits for this particular flaw at this time.